On 7 April 2026, Anthropic quietly released the most capable coding AI ever built. Claude Mythos scored 93.9% on SWE-bench Verified, the industry-standard benchmark for real-world software engineering tasks. It solved nearly 94 out of every 100 genuine software bugs. It scored 94.6% on GPQA Diamond, the hardest science reasoning benchmark available.
Anthropic also won't let you use it.
Mythos is restricted to around 40 organisations, including Apple, AWS, and Microsoft. The reason? Anthropic determined that Mythos is so capable at discovering security vulnerabilities that releasing it broadly would pose a net risk to the internet. The model autonomously found thousands of zero-day vulnerabilities during testing. Anthropic classified it as a dual-use threat and limited it to defensive cybersecurity research only.
Let that sink in for a moment. The best coding AI in existence is too dangerous to ship publicly.
While that news settles, let's look at what you actually have access to right now — and what all of this means if you are building production software with AI tools.
The Coding AI Landscape in April 2026
Mythos is impressive, but it exists in a separate category from the tools available to most developers. Here is where things actually stand:
| Model | SWE-bench / Arena Score | Access |
|---|---|---|
| Claude MythosRestricted | 93.9% | 40 orgs only |
| GPT-5.4 mini | Arena 1075 | Public |
| Claude Sonnet 4.6 | Arena 1062 | Public |
| Claude Opus 4.6 | ~80% SWE-bench | Public |
| MiniMax M2.5 | 80.2% SWE-bench | Public |
| Gemini 3.1 Pro | 78.8% SWE-bench | Public |
| GLM-5 | 77.8% SWE-bench | Open source |
The numbers are remarkable. Even open-source models like GLM-5 are approaching 80% on SWE-bench. GPT-5.4 mini is leading the Chatbot Arena leaderboard. The gap between frontier models and open-source alternatives is closing fast.
For practical vibe coding, the tools available today are genuinely extraordinary. Claude Sonnet 4.6 and GPT-5.4 mini can build complex features from natural language descriptions. They produce working code at a pace that would have seemed impossible two years ago. The question is not whether these tools are capable. It is what capability actually means when you are trying to run software in production.
The Paradox Nobody Talks About
Here is something counterintuitive. As AI coding models get better, the gap between "it works" and "it's production-ready" gets wider, not narrower.
Think about what better models actually do. They build more complex systems, faster. A model at 80% SWE-bench can generate a working authentication system, a payment integration, a multi-tenant database schema, and a deployment configuration in an afternoon. That is genuinely useful. It is also a lot more surface area to secure, monitor, maintain, and scale.
A model that writes 80% of your app in an afternoon still leaves you with the hardest 20%. That 20% is not random. It is the part that requires understanding your specific business context, your data sensitivity, your regulatory obligations, and your operational constraints. It is the part where generic training data does not help.
Better models also mean bigger applications built by people with less engineering background. The prototypes are more impressive. The gaps in production readiness are just as real. More surface area, same number of eyes on it.
Faster development velocity is only an advantage if your quality assurance can keep pace. A model that builds three times faster creates three times the review burden, not three times the safety.
What Mythos Actually Tells Us
The decision to restrict Mythos is significant beyond the headline number. Anthropic did not limit access because the model was too buggy or too expensive to run. They limited it because it was too good at finding security vulnerabilities. The model that can autonomously patch software bugs can also autonomously discover how to exploit them.
This has a direct implication for every vibe-coded application running today. The tools that sophisticated attackers have access to are advancing at the same pace as the tools developers use to build. Your AI-generated codebase is being written with models that score 80% on engineering benchmarks. The scanning tools being used to probe it for vulnerabilities are operating at a similar level of capability.
Security is not a problem that improves automatically as models get smarter. The attack surface and the attack tooling advance together. What changes is the scale and speed at which both operate.
Anthropic's decision to restrict Mythos is, in a strange way, a vote of confidence in the seriousness of the security problem. They built the most capable coding model ever created and concluded that broad access would cause net harm. That is not a casual assessment.
What This Means If You Are Vibe Coding
None of this is an argument against using AI coding tools. They are genuinely transformative. The ability to build functional software without writing every line by hand has opened up product development to a much wider group of people, and that is a good thing.
But there is a clear line in the risk profile of a vibe-coded application. On one side of that line: prototypes, internal tools, demos, personal projects. These carry lower stakes. The cost of a failure is manageable. On the other side: anything that handles real users, real data, or real money.
Once you cross that line, the questions that AI tools answer well (what should this code do?) become less important than the questions they answer poorly (is this code safe to run at scale, under adversarial conditions, against the compliance requirements of your industry?).
The models are not going to solve this by getting smarter. A model at 99% SWE-bench still does not know that your users are subject to GDPR, that your payment processor requires PCI DSS compliance, that your cloud provider's default configurations are not appropriate for production workloads, or that your error logs are currently exposing stack traces with sensitive data to anyone who looks.
That knowledge is contextual. It requires understanding your specific situation. It requires human judgement applied to your specific application.
The Tools Are Getting Better. The Gap Is Not Closing.
Mythos is a milestone. A model that can autonomously solve 94% of real-world engineering tasks is a genuinely remarkable achievement. The models available to you today — Sonnet 4.6, GPT-5.4 mini, Opus 4.6 — are already the best coding assistants that have ever existed.
Use them. Build with them. They will make you faster and your products more ambitious.
But the hardest parts of shipping software — the security review, the infrastructure hardening, the compliance posture, the monitoring, the incident response plan — are not going to be automated away by a better benchmark score. They require the kind of engineering judgement that comes from running production systems and seeing what breaks.
At Diffian, we work with founders who have built impressive things quickly with AI tools, and who need help closing the gap between "it works" and "it is ready for real users." If that sounds familiar, we should talk.